CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24205
https://notcve.org/view.php?id=CVE-2025-24205
31 Mar 2025 — An authorization issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access user-sensitive data. • https://support.apple.com/en-us/122371 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24194
https://notcve.org/view.php?id=CVE-2025-24194
31 Mar 2025 — A logic issue was addressed with improved checks. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, tvOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may result in the disclosure of process memory. • https://support.apple.com/en-us/122371 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-30456
https://notcve.org/view.php?id=CVE-2025-30456
31 Mar 2025 — A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain root privileges. • https://support.apple.com/en-us/122371 •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24229
https://notcve.org/view.php?id=CVE-2025-24229
31 Mar 2025 — A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A sandboxed app may be able to access sensitive user data. • https://support.apple.com/en-us/122373 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24157
https://notcve.org/view.php?id=CVE-2025-24157
31 Mar 2025 — A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory. • https://support.apple.com/en-us/122373 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24248
https://notcve.org/view.php?id=CVE-2025-24248
31 Mar 2025 — A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to enumerate devices that have signed into the user's Apple Account. • https://support.apple.com/en-us/122373 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30437
https://notcve.org/view.php?id=CVE-2025-30437
31 Mar 2025 — The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to corrupt coprocessor memory. • https://support.apple.com/en-us/122373 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30460
https://notcve.org/view.php?id=CVE-2025-30460
31 Mar 2025 — A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access protected user data. • https://support.apple.com/en-us/122373 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24209
https://notcve.org/view.php?id=CVE-2025-24209
31 Mar 2025 — A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Processing maliciously crafted web content may lead to an unexpected process crash. • https://support.apple.com/en-us/122371 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24198
https://notcve.org/view.php?id=CVE-2025-24198
31 Mar 2025 — This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with physical access may be able to use Siri to access sensitive user data. • https://support.apple.com/en-us/122371 • CWE-284: Improper Access Control •